Angel-KP

In de veilige modus werkt de scan niet. Ik heb de administrator een wachtwoord toegekend. In de normale modus kan ik niet voor het aanmelden van de administrator kiezen in het algemeen voor windows. Als ik wederom bij opdrachtprompt, uitvoeren als... administrator met wachtwoord intoets dan krijg ik dezelfde foutmelding als tevoren.

Deze mogelykheid werkt niet. Ik heb geen wachtwoorden ingesteld, dus de password blanco gehouden.

[ATTACH]16759[/ATTACH] Krijg de keuze: Uitvoeren als huidige gebruiker of Deze gebruiker:.... Optie voor uitvoeren als Administrator is niet aanwezig. Hoe kan ik dit alsnog doen? Printscreen 26.02.12.bmp

Foutmelding bij het maken van de scan: [ATTACH]16709[/ATTACH] Printscreen 24.02.12.bmp

Het was waarschijnlijk al te verwachten, maar hoe kan ik de uitvoering als administrator doen? Ik, met accounttype eigenaar met toegang als administrator, laat zoals verwacht de scan niet starten. Een andere opmerking, ik heb geen windows installatie cd/dvd. Is er een andere mogelijkheid, want de cd die ik voor het installeren voor windows heb gebruikt was van mijn oude laptop van ongeveer 14 jaar geleden. Door met enige regelmaat Windows Xp te herinstalleren, schijnt het aantal keren te zijn overschreden. Met dien verstande dat ik dezelfde cd heb gebruikt voor mijn andere 2 computers.

Vriendelijk dank. Hierbij de log: Het bestandssysteem op C: wordt gecontroleerd... Het type bestandssysteem is NTFS. Er is in een eerder stadium een schijfcontrole gepland. Windows zal de schijf nu controleren. Bezig met het herstellen van kleine inconsistentiefouten op het station. Bezig met het opruimen van 6 ongebruikte indexingangen in de index $SII van het bestand 0x9. Bezig met het opruimen van 6 ongebruikte indexingangen in de index $SDH van het bestand 0x9. Bezig met het opruimen van 6 ongebruikte security descriptors. CHKDSK is bezig met het controleren van het USN-logboek... Controle van USN-logboek is voltooid. CHKDSK is bezig met het controleren van de bestandsgegevens (stap 4 van 5)... De controle van bestandsgegevens is voltooid. CHKDSK is bezig met het controleren van vrije ruimte (stap 5 van 5)... De controle op vrije schijfruimte is voltooid. 58315918 kB totale schijfruimte. 23403136 kB in 86728 bestanden. 35772 kB in 12581 indexen. 0 kB in beschadigde sectoren. 566690 kB wordt gebruikt door het systeem. Het logboekbestand neemt 65536 kB in beslag. 34310320 kB beschikbaar op schijf 4096 bytes per cluster 14578979 clusters in totaal op schijf 8577580 clusters beschikbaar op schijf Interne info: 80 cd 01 00 f9 83 01 00 df 25 02 00 00 00 00 00 .........%...... 93 29 00 00 03 00 00 00 02 09 00 00 00 00 00 00 .).............. 30 28 45 08 00 00 00 00 64 3f 56 3d 00 00 00 00 0(E.....d?V=.... b4 20 9e 5a 00 00 00 00 fc cb 7c d6 02 00 00 00 . .Z......|..... 38 82 32 7b 01 00 00 00 9c cd ff fa 04 00 00 00 8.2{............ b0 7b c5 b8 00 00 00 00 78 39 07 00 c8 52 01 00 .{......x9...R.. 00 00 00 00 00 00 6a 94 05 00 00 00 25 31 00 00 ......j.....Het bestandssysteem op C: wordt gecontroleerd... Het type bestandssysteem is NTFS. Er is in een eerder stadium een schijfcontrole gepland. Windows zal de schijf nu controleren. Bezig met het herstellen van kleine inconsistentiefouten op het station. Bezig met het opruimen van 6 ongebruikte indexingangen in de index $SII van het bestand 0x9. Bezig met het opruimen van 6 ongebruikte indexingangen in de index $SDH van het bestand 0x9. Bezig met het opruimen van 6 ongebruikte security descriptors. CHKDSK is bezig met het controleren van het USN-logboek... Controle van USN-logboek is voltooid. CHKDSK is bezig met het controleren van de bestandsgegevens (stap 4 van 5)... De controle van bestandsgegevens is voltooid. CHKDSK is bezig met het controleren van vrije ruimte (stap 5 van 5)... De controle op vrije schijfruimte is voltooid.

Vorenstaande bericht uitgevoerd. Kan ik ook op een andere manier een overzicht van de toestand van de schijf nalezen, daar ik het gehele bericht niet snel genoeg kan nalezen, zodat ik hetresultaat hier weer kan geven.

[ATTACH]16648[/ATTACH] Excuus inderdaad, andersom gedaan. Iets te snel gelezen. systeemlog1.txt

[ATTACH]16635[/ATTACH] Hierbij de systeemlog1 systeemlog1.txt

Google toolbar heb ik vandaag gemakshalve maar gedelete. Gezien ik het toch niet gebruik. uTorrent heb ik verwijderd en de nieuwste versie geinstalleerd. Recentelijk kan ik me geen crash herinneren. Al helemaal niet afgelopen week. Buiten mij gebruikt niemand de pc, mits dat ik er ook ben.

Melding 10005 ... ik had tot voor kort IE met google toolbar. Tegenwoordig Google Chrome. Meldin 1003 Het is in de laatste 4 maanden 3x voorgekomen. Nadat ik uTorrent heb verwijderd en de nieuwste versie erop heb gezet was er niets meer aan de hand. Iedere keer als dit programma werd opgestart dan ging het hiermee fout (iig zo leek het voor een leek).

ID 7034 De Print Spooler-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Zie Help en ondersteuning op Events and Errors Message Center: Basic Search voor meer informatie. ID 7036 De HTTP SSL-service heeft nu de status Wordt uitgevoerd. Zie Help en ondersteuning op Events and Errors Message Center: Basic Search voor meer informatie. ID 1003 Foutcode; 1000008e, parameter1: e0000001, parameter2: b8410925, parameter3: b1aa18b8, parameter4: 00000000. Zie Help en ondersteuning op Events and Errors Message Center: Basic Search voor meer informatie. ID 10005 DCOM kreeg foutmelding 'Kan de service niet starten omdat deze is uitgeschakeld of omdat het geen inschakelde apparaten met zich heeft verbonden. ' bij het starten van de gusvc-service met de argumenten '' om de server {89DAE4CD-9F17-4980-902A-99BA84A8F5C8} te starten Zie Help en ondersteuning op Events and Errors Message Center: Basic Search voor meer informatie.

[ATTACH]16558[/ATTACH] Geen probleem. Liever dat ie uiteindelijk weer werkt Thnx iig en ik wacht af wat zal volgen. Fijn weekend en carnaval systeemlog.txt

Wat te doen, zodat uiteindelijk mijn Dell printer A940 wel wordt herkend?

Ja dit is het geval.

DEP in- of uitgeschakeld krijg ik alsnog de volgende schermen bij het opstarten:

Nog altijd klein, maar hopelijk wel leesbaar

Wanneer de printer niet is aangesloten, krijg ik geen foutmelding. Indien de printer is aangesloten is de situatie als in de printscreen:

De Print Spooler is actief zodra deze handmatig gestart wordt. Echter na enkele seconden wordt dit weer gedeactiveerd. Bij status staat niets. Bij het opstarten van de computer wordt aangegeven dat de Print Spooler is gedeactiveerd om het systeem te beschermen. De RPC heeft status actief (na het opstarten, tijdens het computergebruik).

Zowel print spooler als de rpc service staan op automatisch. Dit stonden ze al toen ik dit zojuist checkte. Echter de Print Spooler blijft na het opstarten en automatisch opstarten opnieuw aangeven, dat er bij het aanbrengen van een nieuwe printer de print spooler niet actief is.

Helaas is het probleem niet opgelost. Ik krijg bij het opstarten van het systeem de melding: RCP server niet gestart. Handmatig kan ik geen printer toevoegen oid. Ik krijg de melding: Print Spooler-service is niet actief.

ComboFix 12-02-01.01 - Eigenaar 01-02-2012 22:03:26.2.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2046.1392 [GMT 1:00] Gestart vanuit: c:\documents and settings\Eigenaar\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Eigenaar\Bureaublad\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: AVG Anti-Virus Free *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\2229F c:\documents and settings\All Users\Application Data\2229F\{99F5CECA-C19A-4C99-88B4-143F3077538A}.swf c:\documents and settings\Eigenaar\Local Settings\Application Data\Conduit c:\documents and settings\Eigenaar\Local Settings\Application Data\Temp c:\program files\Conduit c:\program files\Conduit\Community Alerts\Alert.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2012-01-01 to 2012-02-01 )))))))))))))))))))))))))))))) . . 2012-01-31 19:51 . 2012-01-31 19:51 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Malwarebytes 2012-01-31 19:51 . 2012-01-31 19:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-01-31 19:51 . 2012-01-31 19:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-01-31 19:51 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-01-31 17:50 . 2012-01-31 17:50 -------- d-----w- c:\program files\Trend Micro 2012-01-31 17:26 . 2012-01-31 17:26 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\ElevatedDiagnostics 2012-01-31 17:24 . 2012-01-31 17:24 -------- d-----w- c:\program files\Windows Resource Kits 2012-01-30 19:07 . 2012-01-30 19:08 -------- dc-h--w- c:\windows\ie8 2012-01-27 18:41 . 2012-02-01 20:52 -------- d--h--r- c:\documents and settings\Eigenaar\Onlangs geopend 2012-01-27 18:33 . 2012-01-27 18:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Driver Tool 2012-01-27 17:22 . 2012-01-30 18:37 -------- d-----w- C:\Dell 2012-01-24 19:56 . 2012-01-24 19:56 -------- d-----w- c:\program files\iPod 2012-01-24 19:56 . 2012-01-24 19:57 -------- d-----w- c:\program files\iTunes 2012-01-17 12:42 . 2012-01-17 12:42 -------- d-----w- c:\program files\uTorrent 2012-01-17 12:41 . 2012-01-17 12:41 -------- d-----w- c:\documents and settings\Eigenaar\Local Settings\Application Data\uTorrent 2012-01-16 01:42 . 2012-01-16 01:42 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\CEZEO software 2012-01-16 01:42 . 2012-01-16 01:42 -------- d-----w- c:\program files\CEZEO software 2012-01-13 17:54 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-01-13 17:54 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-01-13 17:54 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-01-13 17:54 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2012-01-13 17:54 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-01-13 17:53 . 2011-11-28 17:52 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2012-01-13 17:53 . 2011-11-28 17:51 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys 2012-01-13 17:53 . 2011-11-28 17:48 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2012-01-13 17:53 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr 2012-01-13 17:53 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe 2012-01-13 17:53 . 2012-01-13 17:53 -------- d-----w- c:\program files\AVAST Software 2012-01-13 17:53 . 2012-01-13 17:53 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software 2012-01-03 18:49 . 2012-01-03 18:49 -------- d-----w- c:\windows\Sun . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-15 10:03 . 2003-03-18 21:14 499712 ----a-w- c:\windows\system32\msvcp71.dll 2011-12-06 20:45 . 2011-12-06 20:45 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-12-06 20:45 . 2011-12-06 20:45 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-11-25 21:57 . 2008-04-14 20:32 293888 ----a-w- c:\windows\system32\winsrv.dll 2011-11-23 14:40 . 2008-04-14 20:05 1859712 ------w- c:\windows\system32\win32k.sys 2011-11-20 06:12 . 2008-04-14 20:33 60928 ------w- c:\windows\system32\packager.exe 2011-11-16 14:22 . 2008-04-14 20:32 354816 ----a-w- c:\windows\system32\winhttp.dll 2011-11-16 14:22 . 2008-04-14 20:32 152064 ----a-w- c:\windows\system32\schannel.dll 2011-11-13 01:02 . 2011-09-15 00:38 414368 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-04 19:13 . 2008-04-14 20:32 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2008-04-14 20:33 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-11-04 19:13 . 2008-04-14 20:32 43520 ------w- c:\windows\system32\licmgr10.dll 2011-11-04 11:25 . 2008-04-14 20:05 385024 ------w- c:\windows\system32\html.iec . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys [-] 2008-04-13 23:10 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys [7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys . ((((((((((((((((((((((((((((( SnapShot@2012-02-01_13.06.16 ))))))))))))))))))))))))))))))))))))))))) . + 2012-02-01 20:31 . 2012-02-01 20:31 16384 c:\windows\Temp\Perflib_Perfdata_2e8.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-06 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824] "RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-21 13895272] "NvMediaCenter"="NvMCTray.dll" [2011-05-21 111208] "nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1632360] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "TkBellExe"="d:\cargado y descargado\RealPlayer\update\realsched.exe" [2012-01-15 296056] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-11-29 813584] Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2009-07-20 11:28 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Acrobat Speed Launcher.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Acrobat Speed Launcher.lnk backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech Desktop Messenger.lnk backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech SetPoint.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech SetPoint.lnk backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0] 2008-04-23 01:08 483328 -c--a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager] 2008-08-14 06:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 20:32 15360 ------w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2012-01-16 16:22 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer] 2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2011-05-21 04:01 13895272 ----a-w- c:\windows\system32\nvcpl.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2011-05-21 04:01 111208 ----a-w- c:\windows\system32\nvmctray.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2011-10-24 13:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2007-04-12 09:33 16132608 ----a-r- c:\windows\RTHDCPL.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2008-12-06 15:57 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 (0x3) "ose"=3 (0x3) "NVSvc"=2 (0x2) "LexBceS"=2 (0x2) "iPod Service"=3 (0x3) "idsvc"=3 (0x3) "gusvc"=3 (0x3) "FLEXnet Licensing Service"=3 (0x3) "Apple Mobile Device"=2 (0x2) "Adobe LM Service"=3 (0x3) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "c:\\Program Files\\TeamViewer3\\TeamViewer.exe"= "c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"= "c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"= "c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\BitTornado\\btdownloadgui.exe"= "c:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"= "c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"= "c:\\WINDOWS\\system32\\LEXPPS.EXE"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\WINDOWS\\system32\\dlbacoms.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:TCP"= 5353:TCP:Adobe CSI CS4 . R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [11-1-2009 13:39 160640] R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [11-1-2009 13:39 5248] R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [5-3-2009 19:15 155136] R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [5-3-2009 19:15 5248] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [13-1-2012 18:54 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13-1-2012 18:54 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13-1-2012 18:54 20568] R2 dlba_device;dlba_device;c:\windows\system32\dlbacoms.exe -service --> c:\windows\system32\dlbacoms.exe -service [?] R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25-6-2010 18:07 35088] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [15-9-2011 1:29 2214504] R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29-9-2009 7:11 12160] R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29-9-2009 7:11 10496] R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29-9-2009 7:11 12928] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [3-12-2008 11:26 47360] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-3-2010 12:16 130384] S3 bkn50USB;Belkin 54Mbps Wireless USB Network Adapter;c:\windows\system32\drivers\rt2500usb.sys [29-3-2009 21:29 140416] S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [6-12-2011 22:09 155344] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-3-2010 12:16 753504] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 2012-01-31 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2012-01-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1177238915-682003330-1003Core.job - c:\documents and settings\Eigenaar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-01-13 18:12] . 2012-01-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1177238915-682003330-1003UA.job - c:\documents and settings\Eigenaar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-01-13 18:12] . 2012-02-01 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1292428093-1177238915-682003330-1003.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 15:02] . 2012-02-01 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1292428093-1177238915-682003330-1003.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 15:02] . 2012-02-01 c:\windows\Tasks\User_Feed_Synchronization-{2F5E7278-64FC-49B0-9AD0-7B4EC2930781}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 03:31] . . ------- Bijkomende Scan ------- . uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe" uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 80.58.61.250 80.58.61.254 Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-02-01 22:10 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(808) c:\program files\common files\logitech\bluetooth\LBTWlgn.dll c:\program files\common files\logitech\bluetooth\LBTServ.dll c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll . - - - - - - - > 'lsass.exe'(868) c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll . Voltooingstijd: 2012-02-01 22:13:29 ComboFix-quarantined-files.txt 2012-02-01 21:13 ComboFix2.txt 2012-02-01 13:09 . Pre-Run: 38.371.057.664 bytes beschikbaar Post-Run: 38.353.313.792 bytes beschikbaar . WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect . - - End Of File - - 50868E9104D0869F37B3769E9C642A6A

ComboFix 12-01-31.01 - Eigenaar 01-02-2012 13:58:23.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2046.1401 [GMT 1:00] Gestart vanuit: c:\documents and settings\Eigenaar\Bureaublad\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: AVG Anti-Virus Free *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Eigenaar\Application Data\inst.exe c:\documents and settings\Eigenaar\Application Data\vso_ts_preview.xml c:\documents and settings\Eigenaar\WINDOWS c:\windows\bwUnin-8.1.1.50-8876480SL.exe c:\windows\daemon.dll c:\windows\jestertb.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2012-01-01 to 2012-02-01 )))))))))))))))))))))))))))))) . . 2012-01-31 19:51 . 2012-01-31 19:51 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Malwarebytes 2012-01-31 19:51 . 2012-01-31 19:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-01-31 19:51 . 2012-01-31 19:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-01-31 19:51 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-01-31 17:50 . 2012-01-31 17:50 -------- d-----w- c:\program files\Trend Micro 2012-01-31 17:26 . 2012-01-31 17:26 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\ElevatedDiagnostics 2012-01-31 17:24 . 2012-01-31 17:24 -------- d-----w- c:\program files\Windows Resource Kits 2012-01-30 19:07 . 2012-01-30 19:08 -------- dc-h--w- c:\windows\ie8 2012-01-27 18:41 . 2012-02-01 12:54 -------- d--h--r- c:\documents and settings\Eigenaar\Onlangs geopend 2012-01-27 18:33 . 2012-01-27 18:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Driver Tool 2012-01-27 17:22 . 2012-01-30 18:37 -------- d-----w- C:\Dell 2012-01-24 19:56 . 2012-01-24 19:56 -------- d-----w- c:\program files\iPod 2012-01-24 19:56 . 2012-01-24 19:57 -------- d-----w- c:\program files\iTunes 2012-01-17 12:42 . 2012-01-17 12:42 -------- d-----w- c:\program files\uTorrent 2012-01-17 12:41 . 2012-01-17 12:41 -------- d-----w- c:\documents and settings\Eigenaar\Local Settings\Application Data\uTorrent 2012-01-16 20:33 . 2012-01-16 20:33 -------- d-----w- c:\program files\Conduit 2012-01-16 20:33 . 2012-01-16 20:41 -------- d-----w- c:\documents and settings\Eigenaar\Local Settings\Application Data\Conduit 2012-01-16 20:33 . 2012-01-16 20:33 -------- d-----w- c:\documents and settings\Eigenaar\Local Settings\Application Data\Temp 2012-01-16 13:00 . 2012-01-16 13:00 -------- d-----w- c:\documents and settings\All Users\Application Data\2229F 2012-01-16 01:42 . 2012-01-16 01:42 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\CEZEO software 2012-01-16 01:42 . 2012-01-16 01:42 -------- d-----w- c:\program files\CEZEO software 2012-01-13 17:54 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-01-13 17:54 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-01-13 17:54 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-01-13 17:54 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2012-01-13 17:54 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-01-13 17:53 . 2011-11-28 17:52 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2012-01-13 17:53 . 2011-11-28 17:51 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys 2012-01-13 17:53 . 2011-11-28 17:48 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2012-01-13 17:53 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr 2012-01-13 17:53 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe 2012-01-13 17:53 . 2012-01-13 17:53 -------- d-----w- c:\program files\AVAST Software 2012-01-13 17:53 . 2012-01-13 17:53 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software 2012-01-03 18:49 . 2012-01-03 18:49 -------- d-----w- c:\windows\Sun . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-15 10:03 . 2003-03-18 21:14 499712 ----a-w- c:\windows\system32\msvcp71.dll 2011-12-06 20:45 . 2011-12-06 20:45 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-12-06 20:45 . 2011-12-06 20:45 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-11-25 21:57 . 2008-04-14 20:32 293888 ----a-w- c:\windows\system32\winsrv.dll 2011-11-23 14:40 . 2008-04-14 20:05 1859712 ------w- c:\windows\system32\win32k.sys 2011-11-20 06:12 . 2008-04-14 20:33 60928 ------w- c:\windows\system32\packager.exe 2011-11-16 14:22 . 2008-04-14 20:32 354816 ----a-w- c:\windows\system32\winhttp.dll 2011-11-16 14:22 . 2008-04-14 20:32 152064 ----a-w- c:\windows\system32\schannel.dll 2011-11-13 01:02 . 2011-09-15 00:38 414368 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-04 19:13 . 2008-04-14 20:32 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2008-04-14 20:33 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-11-04 19:13 . 2008-04-14 20:32 43520 ------w- c:\windows\system32\licmgr10.dll 2011-11-04 11:25 . 2008-04-14 20:05 385024 ------w- c:\windows\system32\html.iec 2011-11-03 15:29 . 2008-04-14 20:32 386560 ------w- c:\windows\system32\qdvd.dll 2011-11-03 15:29 . 2008-04-14 20:32 1296384 ----a-w- c:\windows\system32\quartz.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys [-] 2008-04-13 23:10 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys [7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-06 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824] "RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-21 13895272] "NvMediaCenter"="NvMCTray.dll" [2011-05-21 111208] "nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1632360] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "TkBellExe"="d:\cargado y descargado\RealPlayer\update\realsched.exe" [2012-01-15 296056] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-11-29 813584] Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2009-07-20 11:28 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Acrobat Speed Launcher.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Acrobat Speed Launcher.lnk backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech Desktop Messenger.lnk backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech SetPoint.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech SetPoint.lnk backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0] 2008-04-23 01:08 483328 -c--a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager] 2008-08-14 06:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] 2005-05-03 10:43 69632 ----a-w- c:\windows\ALCMTR.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 20:32 15360 ------w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2012-01-16 16:22 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer] 2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2011-05-21 04:01 13895272 ----a-w- c:\windows\system32\nvcpl.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2011-05-21 04:01 111208 ----a-w- c:\windows\system32\nvmctray.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2011-10-24 13:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2007-04-12 09:33 16132608 ----a-r- c:\windows\RTHDCPL.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2008-12-06 15:57 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 (0x3) "ose"=3 (0x3) "NVSvc"=2 (0x2) "LexBceS"=2 (0x2) "iPod Service"=3 (0x3) "idsvc"=3 (0x3) "gusvc"=3 (0x3) "FLEXnet Licensing Service"=3 (0x3) "Apple Mobile Device"=2 (0x2) "Adobe LM Service"=3 (0x3) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "c:\\Program Files\\TeamViewer3\\TeamViewer.exe"= "c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"= "c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"= "c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\BitTornado\\btdownloadgui.exe"= "c:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"= "c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"= "c:\\WINDOWS\\system32\\LEXPPS.EXE"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\WINDOWS\\system32\\dlbacoms.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:TCP"= 5353:TCP:Adobe CSI CS4 . R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [11-1-2009 13:39 160640] R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [11-1-2009 13:39 5248] R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [5-3-2009 19:15 155136] R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [5-3-2009 19:15 5248] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [13-1-2012 18:54 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13-1-2012 18:54 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13-1-2012 18:54 20568] R2 dlba_device;dlba_device;c:\windows\system32\dlbacoms.exe -service --> c:\windows\system32\dlbacoms.exe -service [?] R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25-6-2010 18:07 35088] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [15-9-2011 1:29 2214504] R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29-9-2009 7:11 12160] R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29-9-2009 7:11 10496] R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29-9-2009 7:11 12928] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [3-12-2008 11:26 47360] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-3-2010 12:16 130384] S3 bkn50USB;Belkin 54Mbps Wireless USB Network Adapter;c:\windows\system32\drivers\rt2500usb.sys [29-3-2009 21:29 140416] S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [6-12-2011 22:09 155344] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-3-2010 12:16 753504] . Inhoud van de 'Gedeelde Taken' map . 2012-01-31 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2012-01-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1177238915-682003330-1003Core.job - c:\documents and settings\Eigenaar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-01-13 18:12] . 2012-01-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1177238915-682003330-1003UA.job - c:\documents and settings\Eigenaar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-01-13 18:12] . 2012-02-01 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1292428093-1177238915-682003330-1003.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 15:02] . 2012-02-01 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1292428093-1177238915-682003330-1003.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 15:02] . 2012-01-31 c:\windows\Tasks\User_Feed_Synchronization-{2F5E7278-64FC-49B0-9AD0-7B4EC2930781}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 03:31] . . ------- Bijkomende Scan ------- . uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe" uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 80.58.61.250 80.58.61.254 Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll . - - - - ORPHANS VERWIJDERD - - - - . HKCU-Run-AdobeBridge - (no file) HKCU-Run-LG LinkAir - (no file) MSConfigStartUp-Dell AIO Printer A940 - c:\program files\Dell AIO Printer A940\dlbabmgr.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-02-01 14:06 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . . c:\docume~1\Eigenaar\LOCALS~1\Temp\catchme.dll 53248 bytes executable . Scan succesvol afgerond verborgen bestanden: 1 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(808) c:\program files\common files\logitech\bluetooth\LBTWlgn.dll c:\program files\common files\logitech\bluetooth\LBTServ.dll c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll . - - - - - - - > 'lsass.exe'(864) c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll . Voltooingstijd: 2012-02-01 14:09:10 ComboFix-quarantined-files.txt 2012-02-01 13:09 . Pre-Run: 38.157.656.064 bytes beschikbaar Post-Run: 38.337.761.280 bytes beschikbaar . WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect . - - End Of File - - 2CA7EE5F77AD5BA90B9B6CD42929056A

Malwarebytes Anti-Malware 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: v2012.01.31.08 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Eigenaar :: ANGEL [administrator] 31-1-2012 20:53:00 mbam-log-2012-01-31 (20-53-00).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 193645 Verstreken tijd: 3 minuut/minuten, 36 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) =================================================================================== Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:58:01, on 31-1-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\WINDOWS\system32\dlbacoms.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\avastUI.exe D:\Cargado y Descargado\RealPlayer\update\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [TkBellExe] "D:\Cargado y Descargado\RealPlayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-21-1292428093-1177238915-682003330-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Apparaatdetectie) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: dlba_device - - C:\WINDOWS\system32\dlbacoms.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- End of file - 8211 bytes

Ik zou de printer installeren op m'n pc, maar de spooler schijnt niet actief te zijn. Als aller eerste heb ik de meest recente drivers van Dell gedownload en die proberen te installeren. Toen dit niet werkte, heb ik bij services getracht de spooler te activeren, maar dit leidde tot geen resultaat. Alvast de Hijack This file, in de hoop dat iemand mij kan helpen de printer te installeren zonder dat ik data ga verliezen oid. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:50:49, on 31-1-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\WINDOWS\system32\dlbacoms.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\avastUI.exe D:\Cargado y Descargado\RealPlayer\update\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\rundll32.exe C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [TkBellExe] "D:\Cargado y Descargado\RealPlayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-21-1292428093-1177238915-682003330-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Apparaatdetectie) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: dlba_device - - C:\WINDOWS\system32\dlbacoms.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- End of file - 9170 bytes